Saturday, 16 July 2016

On 00:23 by admin   No comments
A team of researchers from semiconductor developer NXP have shown that in fact it can be much easier than thought to extract the keys from a white-box environment.

Cryptographic keys protected by white-box software implementations are traditionally regarded as the best form of security. Keys can only to be extracted from white-box implementations by time-consuming reverse-engineering effort and complicated algebraic attacks.

At the same time, little was known about their actual security level, since there is no certification scheme for software implementations.

But NXP researchers discovered a new threat to white-box implementations that needs no expertise and no reverse engineering effort, and that can be deployed automatically.

Maximum security in sensitive environments therefore obviously requires a combination of secure software and secure hardware elements. Adding embedded Secure Elements (eSE) could fill this gap.


Post a comment